Archive: MSA

MASTER SUBSCRIPTION AGREEMENT

This Master Subscription Agreement (the “Agreement”) describes the terms and conditions that govern the acquisition and use of the SaaS Intelligence services (the “Services”) provided by Productiv, Inc. (“Productiv”). The Agreement is effective between Customer (defined below) and Productiv as of the date of Customer’s accepting this Agreement (the “Effective Date”).

BY ACCEPTING THIS AGREEMENT, BY (1) EXECUTING AN ORDER FORM THAT REFERENCES THIS AGREEMENT, (2) REGISTERING AN ACCOUNT WITH PRODUCTIV, (3) OR ACCESSING OR USING SERVICES, INCLUDING EVALUATION SERVICES (DEFINED BELOW), CUSTOMER AGREES TO THE TERMS OF THIS AGREEMENT. IF THE INDIVIDUAL ACCEPTING THIS AGREEMENT IS ACCEPTING ON BEHALF OF A COMPANY OR OTHER LEGAL ENTITY, SUCH INDIVIDUAL REPRESENTS THAT THEY HAVE THE AUTHORITY TO BIND SUCH ENTITY AND ITS AFFILIATES TO THESE TERMS AND CONDITIONS, IN WHICH CASE THE TERM “CUSTOMER” SHALL REFER TO SUCH ENTITY AND ITS AFFILIATES. IF THE INDIVIDUAL ACCEPTING THIS AGREEMENT DOES NOT HAVE SUCH AUTHORITY, OR DOES NOT AGREE WITH THESE TERMS AND CONDITIONS, SUCH INDIVIDUAL MUST NOT ACCEPT THIS AGREEMENT AND MAY NOT USE THE SERVICES. IF CUSTOMER REGISTERS FOR OR USES AN EVALUATION SERVICE, APPLICABLE PROVISIONS OF THIS AGREEMENT WILL ALSO GOVERN THOSE EVALUATION SERVICES.

1. Definitions.
   1. “Affiliate” means, with respect to a party, any entity that directly or indirectly controls, is controlled by, or is under common control with such party. "Control," for purposes of this definition, means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity.
   2. “Authorized User” means an individual who is authorized by Customer to use the Services or submit Customer Data.
   3. “Customer” means in the case of an individual accepting this Agreement on his or her own behalf, such individual, or in the case of an individual accepting this Agreement on behalf of a company or other legal entity, the company or other legal entity for which such individual is accepting this Agreement, and Affiliates of that company or entity (for so long as they remain Affiliates) which have entered into Order Forms
   4. “Customer Data” means data related to Customer’s organization, SaaS application usage and spend submitted by or on behalf of Customer to the Services. As used herein, “submit” includes providing data via Non-Productiv Application, upload, or otherwise transmitting to the Services.
   5. “Documentation” means Productiv’s product documentation for the applicable Services made available via https://help.productiv.com/ (or a successor site).
   6. “Evaluation Services” means features or functionality that Productiv may make available to Customer to try, at its option, and which may be designated by Productiv as a beta, limited release, essentials, evaluation, pilot, or by a similar description.
   7. “Non-Productiv Application” means any web-based, offline, mobile, or other software applications provided by Customer or a third party that may interoperate with or be managed by the Services.
   8. “Order Form” means an ordering document (including any online order) specifying the Services to be provided hereunder that is entered into between Customer and Productiv.
   9. “Order Term” means the subscription term for a purchased Service. Each Order Term will be specified in an Order Form.
   10. “Security Practices” means Productiv’s security practices set forth in Schedule A.
   11. “Services” means the SaaS intelligence platform, analytics and services provided by Productiv. Services excludes Non-Productiv Applications.
   12. “Support” means the technical support provided by Productiv for the applicable Services plan.
2. Productiv Obligations.
   1. Provision of Services. Productiv will (i) make the Services purchased under an Order Form available to Customer during the applicable Order Term and pursuant to this Agreement; (ii) provide standard Support to Customer at no additional charge, or, upgraded Support, if purchased on an Order Form; and (iii) use commercially reasonable efforts to make the Services available 24 hours a day, 7 days a week, except for planned downtime (of which Productiv gives prior electronic notice).
   2. Performance and Features. Productiv warrants that (i) the Services will perform materially in accordance with the Order Form and any applicable Documentation; and (ii) Productiv will not materially decrease the functionality of a purchased Service during an Order Term. For any breach of an above warranty, Customer’s exclusive remedies are those described in the sections titled “Termination for Cause” and “Refund or Payment upon Termination.”
   3. Protection of Customer Data. Productiv will maintain administrative, physical, and technical safeguards for the security, confidentiality and integrity of Customer Data at a level not materially less protective than as described in the Security Practices. Those safeguards will include measures for preventing unauthorized access, use, modification, deletion and disclosure of Customer Data by Productiv personnel. Before providing necessary access to Customer Data to a third-party service provider, Productiv will ensure that the third-party maintains reasonable data practices for maintaining the confidentiality and security of the Customer Data and preventing unauthorized access to or use of the Customer Data. However, Customer bears sole responsibility for adequate security, protection and backup of Customer Data when in Customer’s or its representatives or agents’ possession or control.
   4. Productiv Personnel. Productiv will be responsible for the performance of Productiv’s personnel (including Productiv’s employees and independent contractors) and their compliance with Productiv’s obligations under this Agreement.
   5. Compliance with Laws. Productiv will comply with laws applicable to Productiv in its provisioning of the Services to its customers generally.
   6. Data Processing Addendum. In the course of providing the Services to Customer, Productiv may process Customer Data that includes information relating to an identified or identifiable natural person (“Personal Data”). The parties agree that the Data Processing Addendum set forth at https://productiv.com/terms-of-service/ forms a part of and supplements this Agreement with respect to the processing of any such Personal Data.
   7. Evaluation Services. From time to time, Customer may be invited to try Evaluation Services at no charge for a free trial, preview or evaluation period. NOTWITHSTANDING ANYTHING TO THE CONTRARY IN THIS AGREEMENT, TO THE MAXIMUM EXTENT PERMITTED BY LAW, THE EVALUATION SERVICES ARE PROVIDED “AS-IS” WITHOUT ANY WARRANTY AND PRODUCTIV SHALL HAVE NO INDEMNIFICATION OBLIGATIONS NOR LIABILITY OF ANY TYPE WITH RESPECT TO THE EVALUATION SERVICES, INCLUDING WITH RESPECT TO THEIR PERFORMANCE, SPEED, FUNCTIONALITY, AND SUPPORT. Unless otherwise stated on a relevant Order Form, Productiv may discontinue Evaluation Services at any time in its sole discretion. Customer is solely responsible for backing up and/or exporting Customer Data from the Evaluation Services prior to termination of Customer’s access to the Evaluation Services for any reason.
3. Access and Use of Services.
   1. Use of Services. Subject to the terms of this Agreement, Productiv grants to Customer a limited, non-sublicensable, non-exclusive, non-transferable right during the applicable Order Term to allow its Authorized Users to access and use the Services in accordance with the Order Form, solely for Customer’s internal business operations.
   2. Customer Obligations. Customer will (a) be responsible for all activities conducted under its and its Authorized Users’ use of the Services, and secure all access credentials provided by Productiv, (b) access and use the Services in compliance with this Agreement, the applicable Order Form, and all applicable laws, (c) be responsible for the accuracy, quality and legality of Customer Data, and possess sufficient rights to permit the use contemplated under this Agreement, (d) comply with its agreement(s) for any Non-Productiv Application with which Customer elects to use Services, and (e) not (i) access the Services for the purpose of building a competitive product or service, (ii) copy or create derivative works based on the Services, or any portion thereof, and (iii) reverse engineer, modify, adapt, or disrupt the proper operation of the Services, or otherwise attempt to gain unauthorized access to the Services or its related systems or networks.
   3. Removal Requests. Productiv has no obligation to monitor Customer’s use of the Services but Productiv may do so and may prohibit any use of the Services (or disable content or data) it believes may be (or alleged to be) in violation of Section 3(b).
   4. Non-Productiv Applications. If Customer chooses to use a Non-Productiv Application with a Service, Customer grants Productiv permission to connect the Service with the Non-Productiv Application to receive and process Customer Data on its behalf in accordance with this Agreement.
4. Fees.
   1. Services Fees. Customer will pay Productiv the applicable fees for the Services specified in the relevant Order Form (collectively, the "Fees"). Payment obligations are non-cancelable and, except as expressly set forth herein, Fees paid are non-refundable. If Customer’s use of the Services exceeds any applicable limits set forth on the Order Form or otherwise requires the payment of additional fees (per the terms of this Agreement), Customer shall be billed for such usage in accordance with 4(b) below and Customer agrees to pay the additional Fees in the manner provided therein.
   2. Invoice. Fees will be invoiced in advance and otherwise in accordance with the relevant Order Form. Productiv will bill Customer through invoices sent via email to the billing contact designated by Customer, unless a payment method is otherwise specified in the Order Form. Full payment for invoices issued must be received within thirty (30) days from the invoice date. Except for those taxes based on Productiv's net income, Customer will be responsible for all applicable taxes in connection with this Agreement including, but not limited to, sales, use, excise, value-added, goods and services, consumption, and other similar taxes or duties. Should any payment for the Services provided by Productiv be subject to withholding tax by any government, Customer will reimburse Productiv for such withholding tax.
   3. Suspension of Service. If any charge owed by Customer (excluding amounts reasonably disputed in good faith) is thirty (30) days or more overdue, Productiv may, without limiting its other rights and remedies, suspend any Services until such amounts are paid in full, provided Productiv has given Customer ten (10) or more days’ prior notice, which may be provided to Customer’s designated billing contact via email, that its account is overdue.
   4. Fee Disputes. If Customer believes that Productiv has billed Customer incorrectly, Customer must contact Productiv no later than sixty (60) days after the closing date on the first invoice in which the error or problem appeared, in order to request an adjustment or credit. Productiv will not exercise its rights under the “Suspension of Service” section above if Customer is disputing the applicable Fees reasonably and in good faith and is cooperating diligently to resolve the dispute. Unpaid invoices not being disputed reasonably and in good faith are subject to a finance charge of 1.5% per month on any outstanding balance, or the maximum permitted by law, whichever is lower, plus all expenses of collection.
   5. Future Functionality. Customer agrees that its purchases hereunder are neither contingent on the delivery of any future functionality or features nor dependent on any oral or written public or private comments made by Productiv regarding future functionality or features.
   6. Publicity. The parties acknowledge and agree that the pricing and discounts extended hereunder are contingent on Productiv’s limited right to use Customer’s company name and logo for marketing or promotional purposes on Productiv’s website, LinkedIn and in public or private communications with existing or potential Productiv customers, which Customer hereby grants, subject to Customer’s standard trademark usage guidelines as provided to Productiv from time-to-time. Any additional promotional use of company’s name and logo will be mutually agreed upon by the parties.
5. Term.
   1. Agreement Term. This Agreement commences on the Effective Date and continues until all Services and Evaluation Services have expired or been terminated (the "Term"). Services subscriptions commence on the start date specified in the applicable Order Form and continue for the Order Term specified therein. Except as otherwise specified in the applicable Order Form, all purchases will automatically renew for additional periods equal to the then-current Order Term, unless either party gives the other written notice of non-renewal (email permitted) at least thirty (30) days before the end of the relevant Order Term. The Fees during any automatic renewal term will be the same as the then-current fees, unless Productiv has provided notice at least thirty (30) days in advance of the end of the Order Term of a fee adjustment. Termination of this Agreement will terminate any and all Order Forms under this Agreement.
   2. Termination for Cause. Either party may terminate this Agreement effective after thirty (30) days’ notice if the other party materially breaches this Agreement and such breach is not cured within such notice period.
   3. Refund or Payment upon Termination for Cause. Upon any termination for cause by Customer, Productiv will refund Customer any prepaid fees covering the remainder of the Order Term of all subscriptions after the effective date of termination. Upon any termination for cause by Productiv, Customer will pay any unpaid fees covering the remainder of the term of all Order Forms after the effective date of termination. In no event will any termination relieve Customer of the obligation to pay any fees payable to Productiv for the period prior to the effective date of termination.
   4. Portability and Deletion. Customer may request deletion or export of Customer Data stored by Productiv. Following an Order Term, Productiv will have no obligation to maintain or provide any Customer Data, and upon Customer’s request or otherwise, Productiv will, unless legally prohibited, delete all Customer Data in its systems or otherwise in its possession.
   5. Surviving Provisions. The sections titled “Fees,” “Proprietary Rights,” “Confidentiality,” “Mutual Representations, Warranties and Disclaimers,” “Mutual Indemnification,” “Limitation of Liability,” “Refund or Payment upon Termination for Cause,” “Portability and Deletion,” “Surviving Provisions” and “General Provisions” shall survive any termination or expiration of this Agreement.
6. Proprietary Rights.
   1. Reservation of Rights in Services. Subject to the limited rights expressly granted hereunder, Productiv owns and reserves all rights, title and interest in and to the Services and Documentation, including all related intellectual property rights. No rights are granted to Customer hereunder other than as expressly set forth herein.
   2. Limited License to Customer Data. Subject to the limited rights expressly granted hereunder, Customer owns all rights, title and interest in and to its Customer Data. Customer grants Productiv and its Affiliates a worldwide, non-exclusive, limited term license to access, use, copy, distribute, perform and display Customer Data, and provide necessary access to third party service providers acting on its behalf, such as Amazon Web Services, to provide, maintain, and update the Services. Productiv may aggregate and de-identify Customer Data to generate and retain data about Productiv customers ("Aggregate Usage Data"). Productiv may use and disclose Aggregate Usage Data to develop and deliver Services or otherwise operate its business, provided that disclosure will not identify Customer, any Customer personnel or any Confidential Information (defined below) of Customer to any third party.
   3. Suggestions. If Customer or any Authorized User provides Productiv any feedback or suggestions regarding the Services or Evaluation Services, then Customer grants Productiv an unlimited, irrevocable, perpetual, sublicensable, royalty-free license to use any such feedback or suggestions for any purpose without any obligation or compensation to Customer or any Authorized User.
7. Confidentiality.
   1. Definition of Confidential Information. As used herein, "Confidential Information" means all confidential information disclosed by a party ("Disclosing Party") to the other party ("Party"), whether orally or in writing, that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure. Confidential Information of Customer shall include Customer Data, Confidential Information of Productiv shall include the Services and Documentation, and Confidential Information of each party shall include the terms and conditions of this Agreement and all Order Forms, as well as any non-public business and marketing plans, technology and technical information, product plans and designs, and business processes disclosed by such party. However, Confidential Information shall not include any information that (a) is or becomes generally available to the public without breach of any obligation owed to the Disclosing Party; (b) was known to the Receiving Party prior to its disclosure by the Disclosing Party without breach of any obligation owed to the Disclosing Party; (c) is received from a third party without breach of any obligation owed to the Disclosing Party; or (d) was independently developed by the Receiving Party without use of or reliance on the Confidential Information of the Disclosing Party.
   2. Protection of Confidential Information. The Receiving Party shall (a) use the same degree of care that it uses to protect the confidentiality of its own confidential information of like kind (but in no event less than reasonable care); (b) not use any Confidential Information of the Disclosing Party for any purpose outside the scope of this Agreement; and (c) except as otherwise authorized by the Disclosing Party in writing, limit access to Confidential Information of the Disclosing Party to those of its and its Affiliates’ employees, contractors and agents who need such access for purposes consistent with this Agreement. Neither party shall disclose the terms of this Agreement or any Order Form to any third party other than its Affiliates, its advisors or in confidence in connection with bona fide fundraising or M&A due diligence activities.
   3. Compelled Access or Disclosure. The Receiving Party may access or disclose Confidential Information of the Disclosing Party if it is compelled by law to do so, provided the Receiving Party gives the Disclosing Party prior notice of such compelled access or disclosure (to the extent legally permitted) and reasonable assistance, at the Disclosing Party's cost, if the Disclosing Party wishes to contest the access or disclosure. If the Receiving Party is compelled by law to access or disclose the Disclosing Party’s Confidential Information as part of a civil proceeding to which the Disclosing Party is a party, and the Disclosing Party is not contesting the access or disclosure, the Disclosing Party will reimburse the Receiving Party for its reasonable cost of compiling and providing secure access to such Confidential Information.
8. Representations, Warranties and Disclaimers.
   1. Mutual Representation. Each party represents that it has validly entered into this Agreement and has the legal power to do so.
   2. Disclaimer. EXCEPT AS EXPRESSLY PROVIDED FOR HEREIN, THE SERVICES, DOCUMENTATION, SUPPORT AND ALL RELATED COMPONENTS AND INFORMATION ARE PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS WITHOUT ANY WARRANTIES OF ANY KIND, AND PRODUCTIV EXPRESSLY DISCLAIMS ANY AND ALL WARRANTIES, WHETHER EXPRESS OR IMPLIED, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY, TITLE, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. CUSTOMER ACKNOWLEDGES THAT PRODUCTIV DOES NOT WARRANT THAT THE SERVICES WILL BE UNINTERRUPTED, TIMELY, SECURE, OR ERROR-FREE. PRODUCTIV MAKES NO WARRANTY REGARDING AND DOES NOT SUPPORT ANY NON-PRODUCTIV APPLICATION.
9. Limitation of Liability.
   1. Limitation of Liability. EXCEPT FOR (I) EITHER PARTY’S INDEMNIFICATION OBLIGATIONS UNDER SECTION 10 (“MUTUAL INDEMNIFICATION”), OR (II) DAMAGES ARISING OUT OF EITHER PARTY’S GROSS NEGLIGENCE OR WILLFUL MISCONDUCT, IN NO EVENT SHALL EITHER PARTY’S AGGREGATE LIABILITY ARISING OUT OF OR RELATED TO THIS AGREEMENT (WHETHER IN CONTRACT OR TORT OR UNDER ANY OTHER THEORY OF LIABILITY) EXCEED THE TOTAL AMOUNT PAID BY CUSTOMER HEREUNDER IN THE 12 MONTHS PRECEDING THE FIRST EVENT GIVING RISE TO LIABILITY. THE FOREGOING SHALL NOT LIMIT CUSTOMER'S PAYMENT OBLIGATIONS UNDER THE “FEES” SECTION ABOVE.
   2. Exclusion of Consequential and Related Damages. IN NO EVENT SHALL EITHER PARTY HAVE ANY LIABILITY TO THE OTHER PARTY OR TO ANY THIRD PARTY FOR ANY LOST PROFITS OR REVENUES OR FOR ANY INDIRECT, SPECIAL, INCIDENTAL, CONSEQUENTIAL, COVER OR PUNITIVE DAMAGES HOWEVER CAUSED, WHETHER IN CONTRACT, TORT OR UNDER ANY OTHER THEORY OF LIABILITY, AND WHETHER OR NOT THE PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE FOREGOING DISCLAIMER SHALL NOT APPLY TO THE EXTENT PROHIBITED BY APPLICABLE LAW.
   3. Scope of Limitation. The limitations hereunder apply with respect to all legal theories, whether in contract, tort or otherwise. The provisions of this ’Limitation of Liability’ section allocate the risks under this Agreement between the parties, and the parties have relied on these limitations in determining whether to enter into this Agreement.
10. Mutual Indemnification.
    1. Productiv Indemnification. Productiv shall defend Customer and its Affiliates, and its and their respective officers, directors, employees and contractors, from and against a suit or proceeding by a third party alleging that the Services provided by Productiv hereunder, or use of such Services by Customer, violates, infringes or misappropriates a third party’s intellectual property right (a "Claim Against Customer"), and shall indemnify Customer for any damages, attorney fees and costs finally awarded against Customer as a result of, and for amounts paid by Customer under a court-approved settlement of, a Claim Against Customer; provided, however, that Productiv shall have no liability under this Section 10(a) to the extent a Claim Against Customer arises from (i) Customer Data or a Non-Productiv Application; (ii) Customer’s negligence, misconduct, or breach of this Agreement; (iii) any modification, combination or development of the Services that is not performed by Productiv, including in the use of any APIs; or (iv) the use of any version of software other than the most current release made available by Productiv.
    2. Customer Indemnification. Customer shall defend Productiv and its Affiliates, and its and their respective officers, directors, employees and contractors, from and against a suit or proceeding by a third party alleging that Customer’s provision or use of Customer Data hereunder violates a third party right or agreement, or applicable law (each, a "Claim Against Productiv"), and shall indemnify Productiv for any damages, attorney fees and costs finally awarded against Productiv as a result of, or for any amounts paid by Productiv under a court-approved settlement of, a Claim Against Productiv; provided, however, that Customer shall have no liability under this Section 10(b) to the extent a Claim Against Productiv arises from Productiv’s breach of this Agreement.
    3. Indemnification Procedure. The indemnified party will provide the indemnifying party with prompt written notice of any claim, suit or demand, the right to assume the exclusive defense and control of any matter that is subject to indemnification, and cooperation with any reasonable requests assisting the indemnifying party’s defense and settlement of such matter.
    4. Exclusive Remedy. This "Mutual Indemnification" section states the indemnifying party’s sole liability to, and the indemnified party’s exclusive remedy against, the other party for any type of claim described in this section.
11. General Provisions.
    1. Relationship of the Parties. The parties are independent contractors. This Agreement does not create a partnership, franchise, joint venture, agency, fiduciary or employment relationship between the parties.
    2. No Third-Party Beneficiaries. TThere are no third-party beneficiaries to this Agreement.
    3. Notices. Except as otherwise set forth herein, all notices under this Agreement will be in writing addressed to the parties at the address set forth in the preamble of this Agreement and will be deemed to have been duly given (a) when received, if personally delivered; (b) the first business day after sending by email; (c) the day after it is sent, if sent for next day delivery by recognized overnight delivery service; and (d) upon receipt, if sent by certified or registered mail, return receipt requested.
    4. Waiver. No failure or delay by either party in exercising any right under this Agreement shall constitute a waiver of that right.
    5. Severability. If any provision of this Agreement is held by a court of competent jurisdiction to be contrary to law, the provision shall be modified by the court and interpreted so as best to accomplish the objectives of the original provision to the fullest extent permitted by law, and the remaining provisions of this Agreement shall remain in effect.
    6. Assignment. Neither party may assign any of its rights or obligations hereunder, whether by operation of law or otherwise, without the prior written consent of the other party (not to be unreasonably withheld). Notwithstanding the foregoing, either party may assign this Agreement in its entirety (including all Order Forms), without consent of the other party, to its Affiliate or in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets. A party’s sole remedy for any purported assignment by the other party in breach of this paragraph are those described in the “Termination for Cause” and “Refund or Payment upon Termination” sections of this Agreement. Subject to the foregoing, this Agreement shall bind and inure to the benefit of the parties, their respective successors and permitted assigns.
    7. Governing Law. This Agreement, and any disputes arising out of or related hereto, shall be governed exclusively by the internal laws of the State of California, without regard to its conflicts of laws rules or the United Nations Convention on the International Sale of Goods.
    8. Venue; Waiver of Jury Trial; Fees. The state and federal courts located in San Francisco County, California shall have exclusive jurisdiction to adjudicate any dispute arising out of or relating to this Agreement. Each party hereby consents to the exclusive jurisdiction of such courts. Each party also hereby waives any right to jury trial in connection with any action or litigation in any way arising out of or related to this Agreement. In any action or proceeding to enforce rights under this Agreement, the prevailing party will be entitled to recover its reasonable costs and attorneys’ fees.
    9. Modifications. As Productiv’s business evolves, Productiv may update this Agreement and post the updated Agreement here (or a successor site). Productiv will provide Customer with reasonable notice prior to material changes taking effect, including by reference on an Order Form, via the Services or e-mail, or by posting the updated terms on our public website. Customer can review the most current version of the Agreement at any time by visiting the Productiv website. The revised Agreement will become effective upon posting of the change. If Customer accesses or uses the Services after the effective date, that use will constitute Customer’s acceptance of any revised terms and conditions.
    10. Entire Agreement. This Agreement, including all exhibits and addenda hereto and all Order Forms, constitutes the entire agreement between the parties and supersedes all prior and contemporaneous agreements, proposals or representations, written or oral, concerning Customer’s purchase and use of the Services. Without limiting the foregoing, this Agreement supersedes the terms of any online agreement electronically accepted by Customer. No modification, amendment, or waiver of any provision of this Agreement shall be effective unless in writing and signed by the party against whom the modification, amendment or waiver is to be asserted. However, to the extent of any conflict or inconsistency between the provisions in the body of this Agreement and any exhibit or addendum hereto or any Order Form, the terms of such exhibit, addendum or Order Form shall prevail. Notwithstanding any language to the contrary therein, no terms or conditions stated in or accepted by Productiv during a vendor onboarding process or web portal, a Customer purchase order, or any other Customer order documentation (excluding Order Forms) shall be incorporated into or form any part of this Agreement, and all such terms or conditions shall be null and void.

Schedule A
Productiv Security Practices

Information Security Team
An internal Productiv group is responsible for enforcing the information and operational security policies, including those in this Schedule. This group currently consists of the CTO, Head of Security, engineers and other security personnel. The team may be contacted at [email protected].

Infrastructure
Services are operated on a multitenant architecture that is designed to segregate and restrict access to the Customer Data made available via the Services. Productiv uses infrastructure provided by Amazon Web Services, Inc. (“AWS”) to host and process Customer Data. Information about security provided by AWS is available from the AWS Security website. Information about security and privacy-related audits and certifications received by AWS, including information on ISO 27001 certification and SOC reports, is available from the AWS Compliance website.

Security Controls
Productiv will implement and maintain appropriate technical and organizational measures designed to protect Customer Data against accidental or unlawful destruction, loss, alteration, and unauthorized disclosure of or access to Customer Data processed or transmitted through the Services. Security controls include the following:

• Encryption: The Services use TLS 1.2 and AES-256 encryption to protect Customer Data (1) during transmissions between a customer's network and the Services; and (2) when at rest.
• Access Controls: Productiv maintains access controls for its website, APIs, and backend data stores. Productiv source-code utilizes GitHub and Customer Data is primarily processed from AWS. For each of these services, we require manager approval before Productiv personnel are granted access to these systems, have multiple levels of access starting with read-only access to limited sections, and only grant the minimum level of access required. Productiv performs recurring audits of users with access to these systems, and their levels of access. Productiv utilizes single sign-on to enforce 2-factor authentication, strong password requirements, and automatic password-expiry for all of these services.
• Threat Detection: Productiv has set up tools for automated threat detection. This includes both internal and external vulnerability scans for networks and systems. Productiv performs annual penetration testing from an independent / third party on our external network, internal network and applications.

Product Security
Productiv supports the capability to set up SAML-based authentication for access to the Services. The Services support different roles that allow different levels of access to different aspects of the platform, including controls on financial data, specific apps, or user management.

Audits
The Services undergo security assessments by internal personnel and external security firms who perform regular audits to verify that our security practices are sound and to monitor the Services for new vulnerabilities discovered by the security research community. Confidential SOC 2 reports are available to customers and prospects upon request under non-disclosure agreement.

Incident Management
Productiv will maintain incident management policies and procedures designed to promptly investigate, identify, and remediate unauthorized disclosure of Customer Data. In the event of any confirmed or reasonably suspected unauthorized disclosure of Customer Data resulting from a breach of Productiv’s security obligations, Productiv will promptly notify Customer. Upon request from a Customer, Productiv will communicate the status and post-mortem details of such an incident.

Backup and Disaster Recovery
The Services are built with redundancy and availability in mind. All Customer Data stored in AWS is replicated for high availability. All production and backup services are hosted within the continental United States. The primary AWS region is set to us-west-2 (Oregon) and Productiv utilizes us-east-1 (N. Virginia) for backup. The Services run physically separated and isolated availability zones connected through low-latency links. Each availability zone comprises one or more discrete data centers, each with redundant power, networking, and connectivity, housed in separate facilities. Productiv has configured systems in AWS in a way that disaster-recovery - for datacenter and availability zone failures - is automatic and no human intervention is needed. In the event of a complete failure in the us-west-2 region, Productiv has processes and procedures in place to implement a failover to us-east-1. Failover testing is performed twice per year to help ensure Productiv is prepared in the event of a scenario requiring failover.

Data Deletion
Customer may request deletion of Customer Data at any time by emailing [email protected]. Productiv deletes Customer Data from the primary AWS datastores and backups within 60 business days of request and supplies notification of completion via email. Aggregate Usage Data does not constitute Customer Data and will be maintained in accordance with Productiv’s data retention practices.

Personnel Practices
All employees with access to technical resources are required to complete security training. When an employee’s work relationship with Productiv is ending or ends, Productiv’s operations team revokes access to any proprietary technical systems.